I've notices that when you EXCEED four bad passwords, you cannot connect (connection failures) for a short (and possibly increasing) time.
Need more than 3 or 4 bad tries though.. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Alex K. Angelopoulos Sent: Monday, 3 June 2002 3:49 PM To: [EMAIL PROTECTED] Subject: Re: Security... Speaking of this, I thought there was an increasing timeout implemented in the server for successive bad password attempts? I just tried checking this in real time and found that there was no noticeable delay when I tried about 4 successive "bad" passwords against a Windows TightVNC 1.23 server. ----- Original Message ----- From: "Dave Warren" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, 2002-06-02 23:52 Subject: Re: Security... > Shing-Fat Fred Ma wrote: > > In this situation, it would be very desirable > > to have the server act unfriendly towards > > password failures, thereby making it less > > necessary to use -localhost, thereby > > making it unnecessary to use ssh to connect. > > Another option, set up a secure interface to a software firewall (Or > hardware firewall, if you can afford it), browser based SSL, and use > that to unlock VNC as needed. > > The VNC session itself is still unencrypted, but at least it's access > secured. > > > -- > The nice thing about standards, there is enough for everyone to have > their own. > _______________________________________________ > VNC-List mailing list > [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list
